package io.fredia.femicro.auth.client.interceptor;

import java.util.List;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.method.HandlerMethod;
import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;

import io.fredia.femicro.auth.client.annotation.IgnoreClientToken;
import io.fredia.femicro.auth.client.config.ServiceAuthConfig;
import io.fredia.femicro.auth.client.jwt.ServiceAuthUtil;
import io.fredia.femicro.auth.common.util.jwt.IJWTInfo;
import io.fredia.femicro.common.exception.auth.ClientForbiddenException;

/**
 * 服务鉴权拦截器
 * 
 * @author : Fredia
 * @since : 2018年3月16日
 * @version : v1.0.0
 */
@SuppressWarnings("ALL")
public class ServiceAuthRestInterceptor extends HandlerInterceptorAdapter {
	private Logger logger = LoggerFactory.getLogger(ServiceAuthRestInterceptor.class);

	@Autowired
	private ServiceAuthUtil serviceAuthUtil;

	@Autowired
	private ServiceAuthConfig serviceAuthConfig;

	private List<String> allowedClient;

	@Override
	public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler)
			throws Exception {
		HandlerMethod handlerMethod = (HandlerMethod) handler;
		// 配置该注解，说明不进行服务拦截
		IgnoreClientToken annotation = handlerMethod.getBeanType().getAnnotation(IgnoreClientToken.class);
		if (annotation == null) {
			annotation = handlerMethod.getMethodAnnotation(IgnoreClientToken.class);
		}
		if (annotation != null) {
			return super.preHandle(request, response, handler);
		}

		String token = request.getHeader(serviceAuthConfig.getTokenHeader());
		IJWTInfo infoFromToken = serviceAuthUtil.getInfoFromToken(token);
		String uniqueName = infoFromToken.getUniqueName();
		for (String client : serviceAuthUtil.getAllowedClient()) {
			if (client.equals(uniqueName)) {
				return super.preHandle(request, response, handler);
			}
		}
		throw new ClientForbiddenException("Client is Forbidden!");
	}
}
